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IN THE CLAIMS: 

The text of all pending claims, (including withdrawn claims) is set forth below. Cancelled 
and not entered claims are indicated with claim number and status only. The claims as listed 
below show added text with underlining and deleted text with str i koth rough . The status of each 
claim is indicated with one of (original), (currently amended), (cancelled), (withdrawn), (new), 
(previously presented), or (not entered). 

Please AMEND and CANCEL the claims in accordance with the following: 

1 . (Currently Amended) A security system comprising an information management 
system that manages information and an encryption support system that supports encryption of 
the information and in network communication with the information management svstem -ift-the 
i nformat i on managomont system , 

the encryption support system including 

an encryption rule storing portion that stores rule information that indicates an 

i nformat i on socrot , 

an encryption data transmitting portion that transmits encryption data that is 
necessary for encrypting the information in accordance with the encryption rule over the network 
to the information management system, 

a process information receiving portion that receives process information , which 
tha^indicates tfrean encryption process performed by the information management system , over 
the network from the information management system, 

a monitoring portion that monitors whether or not the encrypt i on of information is 
porformod encrypted in accordance with the encryption rule by the information management 
system on tho bas i s of based upon the process information received over the network from the 
information management system, and 

a warning portion that warns the information management system over the 
network, if the monitoring portion has determined that the information is not encrypted in 
accordance with the encryption rule that was found to oncrypt i nformat i on not i n accordanco w i th 
tho ru l o by tho mon i tor i ng port i on to do encrypt i on of i nformat i on i n accordanco w i th tho ru l o , and 
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the information management system including 

an encryption data receiving portion that receives the encryption data over the 
network from the encryption support system, 

a classification secret level storing portion that stores classification of the 
information manag e d by th e i nformat i on manag e ment syst e m in connection with tbea secret 
level for each of th e classification, 

an encrypting portion that specifies the classification of the information and 
encrypts the information manag e d by th e i nformat i on manag e m e nt syst e m by using the received 
encryption data of the secret level corr e spond i ng to for the specified classification of th e 
i nformat i on r e c ei v e d by th e e ncrypt i on data r e ceiving port i on , 

an information storing portion that stores the encrypted information e ncrypt e d by 
th e e ncrypt i ng port i on , and 

a process information transmitting portion that transmits the process information 
about th e e ncrypt i on p e rform e d by th e e ncrypt i ng port i on over the network to the encryption 
support system. 

2. (Currently Amended) The security system according to claim 1 , wherein the rule 
information indicates , as the encryption rule, a rule about cryptography and a valid term of an 
encryption key for encrypting the information the rul e i nc l ud i ng an e ncrypt i on syst e m that i s us e d 
for e ncrypt i on and a va li d t e rm of an e ncrypt i on key that i s us e d for th e e ncrypt i on , 

if a period from the encryption process of the information s i nc e th e i nformat i on 
manag e m e nt syst e m e ncrypt e d i nformat i on unti l to the present time exceeds the valid term 
r ele vant to for the encryption rule of the secret level corr e spond i ng to for the classification of 
the information, the warning portion warns the information management system, 

if the cryptography of the encryption syst e m that i s i nd i cat e d i n th e rule i nformat i on is 
changed, the encryption data transmitting portion transmits the encryption data for performing 
encryption in accordance with the changed e ncrypt i on syst e m cryptography to the information 
management system, and 

the warning portion warns the information management system to encrypt the p e rform 
e ncrypt i on of information in accordance with the changed e ncrypt i on syst e m cryptography . 

3. (Currently Amended) The security system according to claim 1 , wherein the 
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information management system includes 

a classification secret level transmitting portion that transmits classification secret level 
information , which that-indicates the classification of informat i on manag e d by th e i nformat i on 
manag e m e nt syst e m and the secret level correspond i ng to for the classification , over the 
network to the encryption support system, and 

the monitoring portion p e rforms the mon i toring of the encryption support system monitors 
whether the information is encrypted in accordance with the encryption rule by the information 
management system based upon the process information received over the network from the 
information management system by comparing the received process information r e c ei v e d from 
th e i nformat i on manag e m e nt syst e m with the received classification secret level information. 

4. (Currently Amended) The security system according to claim 1 , further 
comprising a valid term managing portion that manages a valid term of a certification for affixing 
an electronic signature to the information, wherein 

the monitoring portion monitors whether or not it is necessary to r e aff i x th e affix a different 
electronic signature to the information in accordance with the valid term of the certification, and 

the warning portion warns the information management system for manag i ng th e 
i nformat i on to feafft xaffix the different electronic signature to the information if it is decided that it 
is necessary to peaffr xaffix the different electronic signature. 

5. (Currently Amended) An information management system that manages 
information and receives support for encrypting information from an encryption support systemjn 
a network communication with the information management system , comprising: 

a receiving portion that receives rule information , which that-indicates an encryption rule 
of i nformat i on d e f i n e d for each secret level that i s a l e v el of want i ng to k ee p i nformat i on s e cr e t 
and encryption data that ar e necessary for encrypting the information in accordance with the 
encryption rule , over the network from the encryption support system; 

a classification secret level storing portion that stores classification of the information 
manag e d by th e i nformat i on manag e m e nt syst e m for e ach c l ass i f i cat i on in connection with thea 
secret level; 
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an encrypting portion that specifies the classification of the information and encrypts the 
information manag e d by th e i nformat i on manag e m e nt syst e m by using the received encryption 
data of the secret level corr e spond i ng to for the specified classification of th e i nformat i on 
r e c ei v e d by th e r e c ei v i ng port i on ; 

an information storing portion that stores the encrypted information e ncrypt e d by th e 
e ncrypt i ng port i on ; and 

a process information transmitting portion that transmits process information , which that 
indicates the encryption process performed by the encrypting portion , over the network to the 
encryption support system so as to receive a check of_whether or not the encryption of the 
information was performed in accordance with the encryption rule. 



6. (currently amended) An encryption support system that encrypts information and 
supports an information management system that manages information and is in communication 
over a network with the encryption support system , the encryption support system comprising: 

an encryption rule storing portion that stores rule information that indicates an encryption 

a transmitting portion that transmits encryption data that is necessary for encrypting the 
information in accordance with the encryption rule over the network to the information 
management system; 

a receiving portion that receives process information , which tha^indicates the encryption 
process performed by the information management system , over the network from the 
information management system; 

a monitoring portion that monitors whether or not the e ncrypt i on of information is 
p e rform e d encrypted in accordance with the encryption rule by the information management 
system on th e bas i s of based upon the process information received over the network from the 
information management system; and 

a warning portion that warns the information management system over the network, if the 
monitoring portion has determined that the information is not encrypted according to the 
encryption rule that was found to e ncrypt i nformat i on not i n accordanc e w i th th e ru le by th e 
mon i tor i ng port i on to do e ncrypt i on of i nformation i n accordanc e w i th th e ru le. 



7. (currently amended) AflThe encryption support system according to claim 6, 
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further comprising a validity monitoring portion that monitors validity of an encryption rule that is 
used currently in accordance with vulnerability information about vulnerability of security received 
from a security information providing portion, wherein 

the transmitting portion transmits the encryption data for changing the encryption rule 
appropriately^ to the information management system over the network, if it-is-decided that the 
encryption rule that i s used currently has Melow validity. 

8. (currently amended) A computer-readable storage storing a program supporting 
encryption of information for an information management system that manages information, the 
program causing tbea computer , which is in a network communication with the information 
management system, to execute a process comprising: 

secret level that i s a le v el of want i ng to k ee p i nformat i on s e cr e t and encryption data that is 
necessary for encrypting the information in accordance with the encryption rule over the network 
to the information management system; 

receiving process information , which that-indicates toean encryption process performed 
by the information management system , over the network from the information management 
system; 

monitoring whether or not the e ncryption of information is p e rform e d encrypted in 
accordance with the encryption rule by the information management system on th e bas i s 
o f based upon the process information received over the network from the information 
management system; and 

warning the information management system over the network, if the monitoring 
determines the information is not encrypted in accordance with the encryption rule that was found 
to e ncrypt i nformat i on not i n accordanc e w i th the ru le by th e mon i tor i ng m e ans to do e ncrypt i on 
of i nformat i on i n accordanc e w i th th e ru le. 
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9. (currently amended) A method, comprising: 

transmitting, over a computer network, an encryption rule for a security level to an 
information management computer; 

monitoring whether data is encrypted by the information management computer in 
accordance with a pr e d e t e rm i n e d the encryption rule for a the security level; and 

produc i ng a warning the information management system over the network, if the data is 
not encrypted in accordance with the encryption rule. 

10. (cancelled) 

1 1 . (currently amended) A security system comprising an information management 
system that manages and encrypts information and an encryption support system that is in a 
network communication with the information management system and that supports encryption 
of the information performed by the information management system, 

the encryption support system comprising: 

an encryption rule storing portion that stores rule information that indicates an 
encryption rule for e ncrypt i ng i nformat i on for each encryption rank corresponding to an 
importance of information under an encryption policy, 

an encryption data transmitting portion that transmits encryption data that is 
necessary for encrypting the information in accordance with the encryption rule over the network 
to the information management system, 

a process information receiving portion that receives process information , which 
that indicates an encryption of i nformat i on process performed by the information management 
system , over the network from the information management system, 

a monitoring portion that monitors whether or not the e ncrypt i on of information is 
p e rform e d encrypted in accordance with the encryption rule by the information management 
system on th e bas i s of based upon the process information received over the network from the 
information management system, and 

a compliance portion that orders the information management system over the 
network , if found not to e ncrypt the monitoring portion determines the information is not encrypted 
in accordance with the encryption rule, to encrypt thejnformation in accordance with the 
encryption rule, and 
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the information management system comprising: 

an encryption data receiving portion that receives the encryption data over the 
network from the encryption support system, 

an encryption rank classification storing portion that stores classification of 
information manag e d by th e i nformat i on manag e ment syst e m in connection with an encryption 
rank for each classification, 

an encrypting portion that specifies the classification of the information and 
encrypts the information manag e d by th e i nformat i on manag e m e nt syst e m by using the received 
encryption data ofoft the encryption rank corr e spond i ng to forthe specified classification of th e 
i nformat i on to b e e ncrypt e d , 

an information storing portion that stores the encrypted information e ncrypt e d by 
th e e ncrypt i ng port i on , and 

a process information transmitting portion that transmits the process information 
that i nd i cat e s th e e ncrypt i on of th e i nformat i on perform e d by th e e ncrypt i ng port i on over the 
network to the encryption support system. 



